Setting Up a DNS Server on Linux
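- I. Introduction to DNS
- 1. The Domain Name System (DNS)
- 2. Forward and reverse resolution
- II. Checking the environment
- III. Building the primary DNS server
- 1. Install the DNS packages
- 2. Enable the service at boot
- 3. Edit the main DNS configuration file
- 4. Edit the zone configuration file
- 5. Edit the forward zone data file
- 6. Edit the reverse zone data file
- 7. Set file ownership
- 8. Restart the service
- 9. Allow DNS through the firewall
- IV. Testing the DNS service
- 1. Point the client at the DNS server
- 2. Test A record resolution
- 3. Reverse resolution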
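I. Introduction to DNS
1. The Domain Name System (DNS)
1. The Domain Name System (DNS) is an Internet service. As a distributed database that maps domain names and IP addresses to each other, it makes the Internet easier to use. DNS uses UDP port 53. Currently, each level (label) of a domain name is limited to 63 characters, and the total length of a domain name may not exceed 253 characters.
2. Domain name resolution points a domain name at the IP address of a website's hosting space, so that people can reach the website conveniently through its registered domain name. An IP address is the numeric address that identifies a site on the network; because names are easier to remember, domain names are used in place of IP addresses to identify sites. Domain name resolution is the process of converting a domain name into an IP address, and this work is done by DNS servers.
2. Forward and reverse resolution
Forward resolution: looking up an IP address from a domain name. This is the most basic and most commonly used DNS function.
Reverse resolution: looking up a domain name from an IP address.
II. Checking the environment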
```
[root@control ~]# cat /proc/version
Linux version 4.18.0-80.el8.x86_64 (mockbuild@x86-vm-08.build.eng.bos.redhat.com) (gcc version 8.2.1 20180905 (Red Hat 8.2.1-3) (GCC)) #1 SMP Wed Mar 13 12:02:46 UTC 2019
[root@control ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:e6:30:17 brd ff:ff:ff:ff:ff:ff
3: ens224: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:e6:30:17 brd ff:ff:ff:ff:ff:ff
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:e6:30:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.150/24 brd 192.168.200.255 scope global noprefixroute bond0
       valid_lft forever preferred_lft forever
    inet 192.168.200.151/24 brd 192.168.200.255 scope global secondary noprefixroute bond0
       valid_lft forever preferred_lft forever
    inet6 fe80::d40d:838b:b162:da0c/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:68:9e:ab brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:68:9e:ab brd ff:ff:ff:ff:ff:ff
```
III. Building the primary DNS server
1. Install the DNS packages
```
[root@control yum.repos.d]# yum -y install bind bind-chroot
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
AppStream                                       261 kB/s | 3.2 kB     00:00
BaseOS                                          227 kB/s | 2.7 kB     00:00
ansiable                                        2.9 MB/s | 3.0 kB     00:00
Dependencies resolved.
================================================================================
 Package          Arch      Version                   Repository          Size
================================================================================
Installing:
 bind             x86_64    32:9.11.4-16.P2.el8       AppStream          2.1 M
 bind-chroot      x86_64    32:9.11.4-16.P2.el8       AppStream           99 k

Transaction Summary
================================================================================
Install  2 Packages

Total size: 2.2 M
Installed size: 4.7 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1
  Running scriptlet: bind-32:9.11.4-16.P2.el8.x86_64                        1/2
  Installing       : bind-32:9.11.4-16.P2.el8.x86_64                        1/2
  Running scriptlet: bind-32:9.11.4-16.P2.el8.x86_64                        1/2
  Installing       : bind-chroot-32:9.11.4-16.P2.el8.x86_64                 2/2
  Running scriptlet: bind-chroot-32:9.11.4-16.P2.el8.x86_64                 2/2
  Verifying        : bind-32:9.11.4-16.P2.el8.x86_64                        1/2
  Verifying        : bind-chroot-32:9.11.4-16.P2.el8.x86_64                 2/2
Installed products updated.

Installed:
  bind-32:9.11.4-16.P2.el8.x86_64        bind-chroot-32:9.11.4-16.P2.el8.x86_64

Complete!
```
2. Enable the service at boot
```
[root@control yum.repos.d]# systemctl enable --now named
Created symlink /etc/systemd/system/multi-user.target.wants/named.service → /usr/lib/systemd/system/named.service.
[root@control yum.repos.d]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2021-06-23 02:57:21 UTC; 11s ago
  Process: 60709 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 60706 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else ec>
 Main PID: 60711 (named)
    Tasks: 4 (limit: 24900)
   Memory: 54.8M
   CGroup: /system.slice/named.service
           └─60711 /usr/sbin/named -u named -c /etc/named.conf
```
3. Edit the main DNS configuration file
```
[root@control yum.repos.d]# vim /etc/named.conf
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
        allow-query     { any; };
        // excerpt: the remaining statements of the options block are not shown on the page
```
4. Edit the zone configuration file
```
[root@control yum.repos.d]# vim /etc/named.rfc1912.zones
// forward zone for huaxia.com
zone "huaxia.com" IN {
        type master;
        file "named.zx";
        allow-update { none; };
};

// reverse zone for 192.168.200.0/24
zone "200.168.192.in-addr.arpa" IN {
        type master;
        file "named.fx";
        allow-update { none; };
};
```
5. Edit the forward zone data file
```
[root@control ~]# vim /var/named/named.zx
$TTL 1D
@       IN SOA  ns.huaxia.com. root. (
                                        2021062209      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      ns.huaxia.com.
ns      IN      A       192.168.200.150
www     IN      A       192.168.200.150
server0 IN      A       192.168.200.150
```
6. Edit the reverse zone data file
```
[root@control ~]# vim /var/named/named.fx
$TTL 1D
@       IN SOA  ns.huaxia.com. root. (
                                        2021062209      ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       NS      ns.huaxia.com.
ns      IN      A       192.168.200.150
22      PTR     www.huaxia.com.
```
7. Set file ownership
```
[root@control named]# chown named:named *
[root@control named]# pwd
/var/named
[root@control named]# ll
total 24
drwxr-x--- 7 named named   61 Jun 23 10:55 chroot
drwxrwx--- 2 named named   23 Jun 23 10:57 data
drwxrwx--- 2 named named   60 Jun 23 17:28 dynamic
-rw-r----- 1 named named 2253 Apr  5  2018 named.ca
-rw-r----- 1 named named  152 Dec 15  2009 named.empty
-rw-r--r-- 1 named named  513 Jun 23 17:28 named.fx
-rw-r----- 1 named named  152 Jun 23 11:58 named.localhost
-rw-r----- 1 named named  168 Dec 15  2009 named.loopback
-rw-r----- 1 named named  271 Jun 23 14:13 named.zx
drwxrwx--- 2 named named    6 Feb 25  2019 slaves
```
8. Restart the service
```
[root@control ~]# systemctl restart named
```
9. Allow DNS through the firewall
```
[root@control ~]# firewall-cmd --permanent --add-service=dns
success
[root@control ~]# firewall-cmd --reload
success
```
IV. Testing the DNS service
1. Point the client at the DNS server
```
[root@node1 ~]# vim /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.200.150
domain example.com
search example.com
```
2. Test A record resolution
```
[root@node1 ~]# nslookup server0.huaxia.com
Server:         192.168.200.150
Address:        192.168.200.150#53

Name:   server0.huaxia.com
Address: 192.168.200.150
```
3. Reverse resolution
```
[root@node1 ~]# nslookup
> server0.huaxia.com
Server:         192.168.200.150
Address:        192.168.200.150#53

Name:   server0.huaxia.com
Address: 192.168.200.150
> 172.
Server:         192.168.200.150
Address:        192.168.200.150#53

** server can't find 172: NXDOMAIN
> 192.168.200.22
22.200.168.192.in-addr.arpa     name = www.huaxia.com.
```
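An added example (not part of the original article) that cross-checks the records from named.zx and named.fx above: the reverse zone maps 192.168.200.22 to www.huaxia.com while the forward zone gives www the address 192.168.200.150, so forward-confirmed reverse DNS fails for that host. The record text is copied from the page; the function names and finding labels are this example's own.

```python
import re

# Records copied from the page's named.zx and named.fx (SOA omitted).
FORWARD = ("huaxia.com.", """
@       IN NS ns.huaxia.com.
ns      IN A  192.168.200.150
www     IN A  192.168.200.150
server0 IN A  192.168.200.150
""")
REVERSE = ("200.168.192.in-addr.arpa.", """
@   NS  ns.huaxia.com.
ns  IN A 192.168.200.150
22  PTR www.huaxia.com.
""")
RECORD = re.compile(r"^(\S+)\s+(?:IN\s+)?(A|PTR|NS)\s+(\S+)$")

def fqdn(name, origin):
    """Expand a name the way BIND does: '@' is the origin, no dot = relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(zone, rtype):
    """Return (owner_fqdn, rdata) pairs of one record type from a zone."""
    origin, text = zone
    hits = (RECORD.match(line.split(";")[0].strip()) for line in text.splitlines())
    return [(fqdn(m.group(1), origin), m.group(3)) for m in hits
            if m and m.group(2) == rtype]

def ptr_to_ip(owner):  # '22.200.168.192.in-addr.arpa.' -> '192.168.200.22'
    return ".".join(reversed(owner[: -len(".in-addr.arpa.")].split(".")))

def check_zones(forward=FORWARD, reverse=REVERSE):
    """Return (kind, subject, detail) findings where the two zones disagree."""
    a_recs = records(forward, "A")
    ptrs = {ptr_to_ip(o): fqdn(t, reverse[0]) for o, t in records(reverse, "PTR")}
    findings = []
    for ip, name in sorted(ptrs.items()):
        if (name, ip) not in a_recs:  # forward-confirmed reverse DNS fails
            findings.append(("ptr-mismatch", ip, name))
    for ip in sorted({ip for _, ip in a_recs} - set(ptrs)):
        names = ",".join(sorted(n for n, i in a_recs if i == ip))
        findings.append(("ip-without-ptr", ip, names))
    for owner, ip in records(reverse, "A"):  # address record in a reverse zone
        findings.append(("a-in-reverse-zone", owner, ip))
    return findings

if __name__ == "__main__":
    print(*check_zones(), sep="\n")
```

Replacing the PTR line with `150 PTR www.huaxia.com.` and dropping the A record from named.fx clears all three findings.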
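An added example (not from the original article) that works out who may use this server for recursion, given the options shown in step III.3. BIND falls back from allow-recursion to allow-query-cache to allow-query, so `allow-query { any; }` with recursion left on yields an open resolver; the sketch assumes the statements the page does not show leave recursion at its default, and HARDENED_OPTIONS is a constructed alternative.

```python
import re

# Statements from the page's /etc/named.conf excerpt. ASSUMPTION: the part of
# the file the page does not show leaves recursion at BIND's default (yes).
PAGE_OPTIONS = """
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    allow-query { any; };
};
"""
# Constructed alternative: answer for the zones, recurse only for the lab LAN.
HARDENED_OPTIONS = """
options {
    listen-on port 53 { 127.0.0.1; 192.168.200.150; };
    allow-query { any; };
    allow-recursion { localhost; 192.168.200.0/24; };
};
"""

def acl(conf, statement):
    """Return a statement's address-match list, or None if it is absent.
    Handles flat lists only (no nested braces)."""
    pattern = rf"^\s*{re.escape(statement)}\s+(?:port\s+\d+\s+)?\{{([^}}]*)\}}\s*;"
    m = re.search(pattern, conf, re.M)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else None

def effective_recursion_acl(conf):
    """Clients allowed to recurse: allow-recursion, else allow-query-cache,
    else allow-query, else BIND's built-in localnets and localhost."""
    if re.search(r"^\s*recursion\s+no\s*;", conf, re.M):
        return []
    for statement in ("allow-recursion", "allow-query-cache", "allow-query"):
        found = acl(conf, statement)
        if found is not None:
            return found
    return ["localnets", "localhost"]

def audit(conf):
    """Return findings for settings that expose named more than needed."""
    findings = []
    if "any" in effective_recursion_acl(conf):
        findings.append("open-resolver")
    if "any" in (acl(conf, "listen-on") or []):
        findings.append("listen-on-any")
    return findings

if __name__ == "__main__":
    print(audit(PAGE_OPTIONS), audit(HARDENED_OPTIONS))
```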